program: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0) (async) setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) (async) connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10) (async) setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) (async) write$binfmt_elf32(r1, &(0x7f00000014c0)=ANY=[], 0x46b) sendmmsg$inet(r1, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000580)="f1", 0xffffff5b}, {&(0x7f0000000c80)='a', 0x1}, {&(0x7f0000000b40)='M', 0x1}, {&(0x7f0000000d80)='o', 0x1}, {&(0x7f0000000e80)='\b', 0x1}], 0x5}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000000000)="967cfc7220c0301f132bd019274d2c56c3ffdcf04191b4b046fa1271533ff701d0d3a75f3e29402e764d", 0x2a}], 0x3}}], 0x4, 0x4048841) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10) connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10) r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) readv(r3, &(0x7f0000000280)=[{&(0x7f0000000180)=""/100, 0x64}, {&(0x7f0000000240)=""/33, 0x21}], 0x2) (async) r4 = socket$unix(0x1, 0x5, 0x0) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00', 0x0}) (async) r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_inet6_SIOCSIFADDR(r7, 0x8916, &(0x7f0000000100)={@private1={0xfc, 0x1, '\x00', 0x1}, 0x0, r6}) r8 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCADDRT(r8, 0x890b, &(0x7f0000000140)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0022}) ioctl$sock_inet6_SIOCADDRT(r5, 0x890b, &(0x7f0000000540)={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r6}) (async) r9 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_inet6_SIOCADDRT(r9, 0x890b, &(0x7f0000000540)={@remote, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, r6}) (async) r10 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_inet_SIOCSIFFLAGS(r10, 0x8914, &(0x7f0000000100)={'veth1_to_bridge\x00'}) (async) r11 = dup2(r4, r0) close_range(r11, 0xffffffffffffffff, 0x0) [ 74.710731][ T4679] Bluetooth: hci0: command tx timeout [ 74.813927][ T5331] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 74.833040][ T38] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.841242][ T5331] TCP: out of memory -- consider tuning tcp_mem [ 74.846268][ T5331] ------------[ cut here ]------------ [ 74.848669][ T5331] WARNING: CPU: 0 PID: 5331 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x623/0x730 [ 74.853545][ T5331] Modules linked in: [ 74.855701][ T5331] CPU: 0 UID: 0 PID: 5331 Comm: syz.0.0 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 74.861544][ T5331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.866188][ T5331] RIP: 0010:inet_sock_destruct+0x623/0x730 [ 74.868975][ T5331] Code: 0f 0b 90 e9 62 fe ff ff e8 9a 36 d2 f7 90 0f 0b 90 e9 95 fe ff ff e8 8c 36 d2 f7 90 0f 0b 90 e9 bb fe ff ff e8 7e 36 d2 f7 90 <0f> 0b 90 e9 e1 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 9f fc [ 74.878839][ T5331] RSP: 0018:ffffc9000d677c58 EFLAGS: 00010293 [ 74.881675][ T5331] RAX: ffffffff89ee2552 RBX: dffffc0000000000 RCX: ffff8880003b4880 [ 74.885536][ T5331] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 74.889356][ T5331] RBP: 0000000080000000 R08: ffff88803175425f R09: 1ffff110062ea84b [ 74.892768][ T5331] R10: dffffc0000000000 R11: ffffed10062ea84c R12: ffff888031753fc0 [ 74.896460][ T5331] R13: dffffc0000000000 R14: ffff888031754244 R15: 1ffff110062ea7fa [ 74.900867][ T5331] FS: 00007f9db31486c0(0000) GS:ffff88808d255000(0000) knlGS:0000000000000000 [ 74.904554][ T5331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.907330][ T5331] CR2: 00002000000014c0 CR3: 00000000434cd000 CR4: 0000000000352ef0 [ 74.911090][ T5331] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 74.915348][ T5331] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 74.918962][ T5331] Call Trace: [ 74.920587][ T5331] [ 74.921820][ T5331] ? netlink_has_listeners+0x339/0x3f0 [ 74.924315][ T5331] ? __pfx_inet_sock_destruct+0x10/0x10 [ 74.926867][ T5331] __sk_destruct+0x89/0x660 [ 74.928962][ T5331] inet_release+0x184/0x210 [ 74.931086][ T5331] sock_close+0xc0/0x240 [ 74.933083][ T5331] ? __pfx_sock_close+0x10/0x10 [ 74.935091][ T5331] __fput+0x449/0xa70 [ 74.936914][ T5331] task_work_run+0x1d1/0x260 [ 74.939377][ T5331] ? __pfx_task_work_run+0x10/0x10 [ 74.942302][ T5331] ? exit_to_user_mode_loop+0x40/0x110 [ 74.944774][ T5331] exit_to_user_mode_loop+0xec/0x110 [ 74.947391][ T5331] do_syscall_64+0x2bd/0x3b0 [ 74.949534][ T5331] ? lockdep_hardirqs_on+0x9c/0x150 [ 74.952089][ T5331] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.955362][ T5331] ? clear_bhb_loop+0x60/0xb0 [ 74.957624][ T5331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.960586][ T5331] RIP: 0033:0x7f9db238e929 [ 74.963031][ T5331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.973918][ T5331] RSP: 002b:00007f9db3148038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 74.978167][ T5331] RAX: 0000000000000000 RBX: 00007f9db25b6080 RCX: 00007f9db238e929 [ 74.981962][ T5331] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000 [ 74.985291][ T5331] RBP: 00007f9db2410b39 R08: 0000000000000000 R09: 0000000000000000 [ 74.988792][ T5331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 74.992286][ T5331] R13: 0000000000000000 R14: 00007f9db25b6080 R15: 00007ffdb0ea3b58 [ 74.995764][ T5331] [ 74.997165][ T5331] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 75.000472][ T5331] CPU: 0 UID: 0 PID: 5331 Comm: syz.0.0 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(full) [ 75.005740][ T5331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.010364][ T5331] Call Trace: [ 75.011960][ T5331] [ 75.013558][ T5331] dump_stack_lvl+0x99/0x250 [ 75.016060][ T5331] ? __asan_memcpy+0x40/0x70 [ 75.018322][ T5331] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.020532][ T5331] ? __pfx__printk+0x10/0x10 [ 75.022547][ T5331] panic+0x2db/0x790 [ 75.024374][ T5331] ? __pfx_panic+0x10/0x10 [ 75.026449][ T5331] __warn+0x31b/0x4b0 [ 75.028317][ T5331] ? inet_sock_destruct+0x623/0x730 [ 75.030871][ T5331] ? inet_sock_destruct+0x623/0x730 [ 75.033394][ T5331] report_bug+0x2be/0x4f0 [ 75.035321][ T5331] ? inet_sock_destruct+0x623/0x730 [ 75.037509][ T5331] ? inet_sock_destruct+0x623/0x730 [ 75.039765][ T5331] ? inet_sock_destruct+0x625/0x730 [ 75.042232][ T5331] handle_bug+0x84/0x160 [ 75.044691][ T5331] exc_invalid_op+0x1a/0x50 [ 75.047014][ T5331] asm_exc_invalid_op+0x1a/0x20 [ 75.049123][ T5331] RIP: 0010:inet_sock_destruct+0x623/0x730 [ 75.051583][ T5331] Code: 0f 0b 90 e9 62 fe ff ff e8 9a 36 d2 f7 90 0f 0b 90 e9 95 fe ff ff e8 8c 36 d2 f7 90 0f 0b 90 e9 bb fe ff ff e8 7e 36 d2 f7 90 <0f> 0b 90 e9 e1 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 9f fc [ 75.060716][ T5331] RSP: 0018:ffffc9000d677c58 EFLAGS: 00010293 [ 75.063591][ T5331] RAX: ffffffff89ee2552 RBX: dffffc0000000000 RCX: ffff8880003b4880 [ 75.067198][ T5331] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000 [ 75.070719][ T5331] RBP: 0000000080000000 R08: ffff88803175425f R09: 1ffff110062ea84b [ 75.074276][ T5331] R10: dffffc0000000000 R11: ffffed10062ea84c R12: ffff888031753fc0 [ 75.078133][ T5331] R13: dffffc0000000000 R14: ffff888031754244 R15: 1ffff110062ea7fa [ 75.081714][ T5331] ? inet_sock_destruct+0x622/0x730 [ 75.083875][ T5331] ? inet_sock_destruct+0x622/0x730 [ 75.086384][ T5331] ? netlink_has_listeners+0x339/0x3f0 [ 75.089108][ T5331] ? __pfx_inet_sock_destruct+0x10/0x10 [ 75.091891][ T5331] __sk_destruct+0x89/0x660 [ 75.094129][ T5331] inet_release+0x184/0x210 [ 75.096254][ T5331] sock_close+0xc0/0x240 [ 75.098133][ T5331] ? __pfx_sock_close+0x10/0x10 [ 75.100339][ T5331] __fput+0x449/0xa70 [ 75.101984][ T5331] task_work_run+0x1d1/0x260 [ 75.104159][ T5331] ? __pfx_task_work_run+0x10/0x10 [ 75.106764][ T5331] ? exit_to_user_mode_loop+0x40/0x110 [ 75.109343][ T5331] exit_to_user_mode_loop+0xec/0x110 [ 75.111776][ T5331] do_syscall_64+0x2bd/0x3b0 [ 75.113723][ T5331] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.115878][ T5331] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.118375][ T5331] ? clear_bhb_loop+0x60/0xb0 [ 75.120728][ T5331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.123776][ T5331] RIP: 0033:0x7f9db238e929 [ 75.125854][ T5331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.134212][ T5331] RSP: 002b:00007f9db3148038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 75.138903][ T5331] RAX: 0000000000000000 RBX: 00007f9db25b6080 RCX: 00007f9db238e929 [ 75.142709][ T5331] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000 [ 75.146140][ T5331] RBP: 00007f9db2410b39 R08: 0000000000000000 R09: 0000000000000000 [ 75.149693][ T5331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.154000][ T5331] R13: 0000000000000000 R14: 00007f9db25b6080 R15: 00007ffdb0ea3b58 [ 75.157685][ T5331] [ 75.159236][ T5331] Kernel Offset: disabled [ 75.161075][ T5331] Rebooting in 86400 seconds..